Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

eddiev

Posted 22 July 2005 - 04:34 PM

I wasn't sure how long jotti took to complete, which is why I'm just getting back to you. Below are the results you requested. Hopefully, I did them correctly.

Note: In between the ### signs is the statistic of a file from Jotti. I don't believe its a part of my results, but I included them anyway. An explanation is below in reference to it.

Jotti Scan:

RunApp.EXE Status: POSSIBLY INFECTED/MALWARE (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database) MD5 00809b4dcdf16159088fcfe80b224a5b Packers detected: - Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found probably unknown NewHeur_PE (probable variant) Norman Virus Control Found nothing UNA Found nothing VBA32 Found nothing

#######

This is the statistics about the last file (I don't know if it's mine) You can probably disregard the following:

Excal

Posted 22 July 2005 - 05:22 PM

I noticed that your HiJackthis.exe is located on your desktop, make sure to save HijackThis in its own folder (i.e. C:\HJT). This is very important, so HiJackThis can save backups!

How to make a permanent folder:

Click "My Computer", then "C:\" and then on "Program Files".In the menu bar, "File"->"New"->"Folder".That will create a folder named "New Folder", which you can rename to "HJT" or "HijackThis".Now you have "C:\Program Files\HijackThis". Put your HijackThis.exe there.

THE FIX

Please read this post completely, it may make it easier for you if you copy and paste this post to a new text document or print it for reference later.

1. If you use Windows 95/98/ME/NT/2K, go to My Computer->View->Folder Options->View tab and make sure that 'Show all files' is checked under the 'Hidden Files' section. Also make sure there is no checkmark beside 'Hide file extensions for known file types'.

2. Ensure you are NOT connected to the internet.

3. Reboot into safe mode.

Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.

Excal

Posted 23 July 2005 - 11:56 AM

Excal

Malware Slayer Extraordinaire!

Retired Staff

12,739 posts

Launch Notepad, and copy/paste the box below into a new text file. Save it as fixme.reg (make sure that Save as Type is set at "All Files") on your Desktop. Ensure there is no space at above REGEDIT 4.

Locate fixme.reg on your Desktop and double-click on it. You will receive a prompt similar to: "Do you wish to merge the information into the registry?". Answer "Yes" and wait for a message to appear similar to "Merged Successfully".

few random bad files and folders to clean up.

Please remove the following folders using Windows Explorer (if present):

C:\WINDOWS\SYSTEM\Services

Please remove just the files from the following paths using Windows Explorer (if present):

Download Findit Here and unzip the contents to a folder. When it has unzipped, open that folder and double click on Find.bat. It will run for a while, so be patient, and then produce a log (ignore any File not found messages on the screen, it should continue anyway).

Please copy and paste that log here.

From the moment you post your list, until you see a detailed fix written up, DO NOT reboot your system or log off. If you do, the files will have changed and the fix provided will not work.

If you are unhappy with your current antivirus and want to replace it or if you dont already have one, I suggest one of these free programs: *Note - do not use more than one anti-virus program as it will more than likely cause conflict.